We are delighted to announce the availability of version 20210616033549 of Chef Automate 2.
New Features
- You can now check and update the node attributes from Chef Infra Server. Navigate to the Attributes tab: Infrastructure > Chef Infra Server > Server Name > Organization > Nodes. (#5194)
Improvements
- The Edit functionality of Roles in Environment has been disabled. (#5201)
- A spinner has been added to every delete operation performed in Chef Infra Server. (#5234)
Compliance Profile Updates
- Compliance profiles are updated to version 1.0.0/20210605110738, which includes the following profiles (#5195):
CIS sles15 v1.0.0 - Optimisation and code clean
CIS Mssql server 2017 V1.2.0
Bug Fixes
- The page redirection has been fixed while adding node credentials from the Scan Job tab on the Compliance page. (#5009)
- The Chef Environment Attributes capitalization has been fixed. (#5205)
Maintenance
- Chef Infra Server is updated from 14.1.0 to 14.4.4 which has the following changes (#5213):
- Error pages no longer display the running version of OpenResty.
- The opscode user which runs Chef Infra Server is no longer configured with an interactive shell.
- Reindexing will now gracefully fail if there is not 2.2x the current ElasticSearch data available on disk before attempting the reindex
- The HTTP Strict-Transport-Security (HSTS) max-age value for the default Chef Infra Server website can now be configured. Set the new node['private_chef']['nginx']['hsts_max_age'] to define the time in seconds the browser should remember that a site is only to be accessed using HTTPS. This configuration defaults to 31536000 (1 year) and accepts a maximum value of 63072000 (2 years).
- The Bifrost service was previously exposed externally on port 9683. This service is no longer required externally and is now only exposed to the local system to improve security.
- Chef Infra Server now defaults to supporting only TLS 1.2 for API communication. This new default may require upgrading older releases of Chef Infra Client, which do not support TLS 1.2. On Linux/Unix/macOS systems TLS 1.2 is supported in Chef Infra Client 10.16.4 and later. On Windows systems, TLS 1.2 is supported on Chef Infra Client 12.8 or later.
Chef Product Versions
This release uses:
- Chef Habitat version: 1.6.181/20201030172917
- Chef Habitat Builder version: 8997/20200812161534
- Chef Infra Server version: 14.4.4/20210520120637
- Chef InSpec version: 4.24.32/20210112215549
Service Versions
This release uses:
- Postgres: 9.6.11
- ElasticSearch: 6.8.14
- Nginx: 1.19.2
- Haproxy: 2.2.2
View the package manifest for the latest release.
How to Upgrade
By default Chef Automate 2 will automatically upgrade to this new version. If you have disabled automatic upgrades you can manually initiate an upgrade by running:
chef-automate upgrade run
As always, we welcome your feedback and invite you to contact us directly or share your feedback online. Thanks for using Chef Automate 2!